<?//v.3.1.1
#///////////////////////////////////////////////////////
#//  COPYRIGHT 2004 Phpauction.org ALL RIGHTS RESERVED//
#///////////////////////////////////////////////////////

require('../includes/config.inc.php');
include "loggedin.inc.php";
include $include_path.'status.inc.php';
include $include_path.'dates.inc.php';

#//
unset($ERR);

#//Default for error message (blank)
$ERR = "&nbsp;";

#// Insert new currency
if($_POST[action] == "update" && phpa_securepost($_POST)) {
	$query = "UPDATE PHPAUCTIONXL_comm_messages
				  SET
				  message='".addslashes($_POST[message])."'
				  WHERE id=$_POST[msg]";
	$res = @mysql_query($query);
	//print $query;
	if(!$res) {
		print "Error: $query<BR>".mysql_error();
		exit;
	} else {
		Header("Location: editmessages.php?id=".$_POST['id']);
		exit;
	}
} else {
	#// Retrieve message from the database
	$query = "SELECT * FROM PHPAUCTIONXL_comm_messages WHERE id=".$_GET['msg'];
	$res_ = @mysql_query($query);
	if(!$res_) {
		print "Error: $query<BR>".mysql_error();
		exit;
	} else {
		$MSG = mysql_fetch_array($res_);
	}
}

?>
<HTML>
<HEAD>
<link rel='stylesheet' type='text/css' href='style.css' />
<link href="css/main.css" rel="stylesheet" type="text/css">
</HEAD>
<body bgcolor="#FFFFFF" text="#000000" link="#0066FF" vlink="#666666" alink="#000066" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<FORM NAME="newcurrency" METHOD="post" ACTION="<?=basename($_SERVER['PHP_SELF'])?>">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0" class="titulo">
        <tr> 
          <td class="icono"><img src="images/content_icon2.gif" width="28" height="27" ></td>
          <td class="breadcrumbs"><p><span><?=$MSG_25_0018?></span>&nbsp;&gt;&gt;&nbsp;<?=$MSG_5032?></p></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td align="center" valign="middle">&nbsp;</td>
  </tr>
    <tr> 
    <td align="center" valign="middle"> 
  <TABLE WIDTH="95%" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="CENTER" class="base"  style="border:1px solid #ccc;">
    <TR>
      <TD>
        <TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="CENTER">
          <TR>
            <TD COLSPAN="2" align=center class=title>
              <p>  <?=$MSG_5278?></p>
            </TD>
          </TR>
          <TR>
            <TD COLSPAN="2" class="error"><B>
              <p><?=$ERR?></p>
              </B></TD>
          </TR>
          <TR BGCOLOR="#FFFFFF">
            <TD COLSPAN="2" >
			<p><A HREF=editmessages.php?id=<?=$_GET['id']?>><?=$MSG_5279?></A> </p></TD>
          </TR>
          <TR BGCOLOR="#FFFFFF">
            <TD WIDTH="24%" class="lineV" valign="top">
				
			<p class="blue">	<?=$MSG_5059?></p>
			</TD>
            <TD WIDTH="76%">
              <TEXTAREA ROWS=8 COLS=40 NAME="message"><?=stripslashes(htmlentities($MSG[message]))?></TEXTAREA>
            </TD>
          </TR>
          <TR>
            <TD WIDTH="24%" class="gris lineV"><p class="blue"><?=$MSG_5060?></p></TD>
            <TD WIDTH="76%" class="gris"> 
              <?
              if($MSG[user] > 0) {
              	print $MSG[username];
              } else {
              	print $MSG_5061;
              }
			  ?>
              -
              <?=FormatDate($MSG[msgdate])?>
            </TD>
          </TR>
          <TR BGCOLOR="#FFFFFF">
            <TD WIDTH="24%">
              <INPUT TYPE="hidden" NAME="action" VALUE="update" /> <INPUT TYPE="hidden" NAME="security" VALUE="<?php echo $_SESSION['security'];?>" />
              <INPUT TYPE="hidden" NAME="id" VALUE="<?=$_GET['id']?>">
              <INPUT TYPE="hidden" NAME="msg" VALUE="<?=$_GET['msg']?>">
            </TD>
            <TD WIDTH="76%">
              <INPUT TYPE="submit" NAME="Submit" VALUE="UPDATE CHANGES" class="action">
            </TD>
          </TR>
        </TABLE>
      </TD>
    </TR>
  </TABLE>
  </TD>
  </TR>
  </TABLE>
</FORM>
</BODY>
</HTML>